diff options
author | Antenore Gatta <antenore@simbiosi.org> | 2021-01-08 18:47:09 +0300 |
---|---|---|
committer | Antenore Gatta <antenore@simbiosi.org> | 2021-01-15 15:29:23 +0300 |
commit | c5abdad6aa0d0eaf9df0a7252c32155ef1db9348 (patch) | |
tree | 3a2f393c7237fd401b00274ec3e0d2893e7534b4 /src/remmina_ssh_plugin.c | |
parent | 0dc08c9219b3d5d6e74fb0dab251bdab07e4daaa (diff) |
Implementing simple SSH multi factor authentication.
When an SSH server AuthenticationMethods with multiple methods, like
public key authentions and password, we receive an SSH_PARTIAL_AUTHENTICATION
return code, that was ignored in Remmina.
Now Remmina correctly handle this state and pass to the second mechanism.
More than 2 mechanism are not supported yet, because Remmina doesn't go
behind 3 authentions attempts at the moment (to be fixed).
The next step will be to implement keyboard interactive authentication.
Signed-off-by: Antenore Gatta <antenore@simbiosi.org>
Diffstat (limited to 'src/remmina_ssh_plugin.c')
-rw-r--r-- | src/remmina_ssh_plugin.c | 44 |
1 files changed, 29 insertions, 15 deletions
diff --git a/src/remmina_ssh_plugin.c b/src/remmina_ssh_plugin.c index f52e6bbb2..a9213fbcc 100644 --- a/src/remmina_ssh_plugin.c +++ b/src/remmina_ssh_plugin.c @@ -267,6 +267,7 @@ remmina_plugin_ssh_main_thread(gpointer data) RemminaSSH *ssh; RemminaSSHShell *shell = NULL; gboolean cont = FALSE; + gboolean partial = FALSE; gchar *hostport; gint ret; @@ -309,15 +310,31 @@ remmina_plugin_ssh_main_thread(gpointer data) REMMINA_DEBUG ("tunnel_entrance_host: %s, tunnel_entrance_port: %d", ssh->tunnel_entrance_host, ssh->tunnel_entrance_port); while (1) { - if (!remmina_ssh_init_session(ssh)) { - REMMINA_DEBUG("init session error: %s", ssh->error); - remmina_plugin_service->protocol_plugin_set_error(gp, "%s", ssh->error); - break; + if (!partial) { + if (!remmina_ssh_init_session(ssh)) { + REMMINA_DEBUG("init session error: %s", ssh->error); + remmina_plugin_service->protocol_plugin_set_error(gp, "%s", ssh->error); + break; + } } ret = remmina_ssh_auth_gui(ssh, gp, remminafile); - if (ret != REMMINA_SSH_AUTH_SUCCESS) { - if(ret == REMMINA_SSH_AUTH_RECONNECT) { + switch (ret) { + case REMMINA_SSH_AUTH_SUCCESS: + REMMINA_DEBUG ("Authentication success"); + if (!remmina_ssh_shell_open(shell, (RemminaSSHExitFunc) + remmina_plugin_service->protocol_plugin_signal_connection_closed, gp)) { + remmina_plugin_service->protocol_plugin_set_error(gp, "%s", ssh->error); + break; + } + break; + case REMMINA_SSH_AUTH_PARTIAL: + REMMINA_DEBUG ("Continue with the next auth method"); + partial = TRUE; + continue; + break; + case REMMINA_SSH_AUTH_RECONNECT: + REMMINA_DEBUG ("Reconnecting..."); if (ssh->session) { ssh_disconnect(ssh->session); ssh_free(ssh->session); @@ -325,18 +342,15 @@ remmina_plugin_ssh_main_thread(gpointer data) } g_free(ssh->callback); continue; - } - - if (ret != REMMINA_SSH_AUTH_USERCANCEL) + break; + case REMMINA_SSH_AUTH_USERCANCEL: + REMMINA_DEBUG ("Interrupted by the user"); + break; + default: + REMMINA_DEBUG ("Error during the authentication: %s", ssh->error); remmina_plugin_service->protocol_plugin_set_error(gp, "%s", ssh->error); - break; } - if (!remmina_ssh_shell_open(shell, (RemminaSSHExitFunc) - remmina_plugin_service->protocol_plugin_signal_connection_closed, gp)) { - remmina_plugin_service->protocol_plugin_set_error(gp, "%s", ssh->error); - break; - } cont = TRUE; break; |